The
WannaCry ransomware attack is an ongoing global cyberattack that uses a
cryptoworm which targets computers running Microsoft Windows, encrypting data
and demanding ransom payments via Bitcoin, a cryptocurrency and digital payment
system. The attack started on Friday, 12 May 2017 and has been described as
unprecedented in scale, infecting more than 200,000 computers in over 150
countries.[1] In less than a week, WannaCry has evolved into a global
public security threat.
Map of the countries
initially affected[1]
|
So
far, the economic loss caused by the ransomware attack has not been released
officially, but the estimated loss will be significant. Which attacks should
enterprises be weary of? Which must be prevented? Avoiding another type of
WannaCry ransomware attack is essential.
As
early as two years ago, it was reported that enterprises suffered from phone
flooding attacks, which also demanded ransom payments. If ransom was not paid, enterprise
communication services would be crippled, causing vast losses for business.[2]
There
are two types of common security threats to enterprise communication services.
One is the Phone flooding type, which is a Telecommunication Denial of Service
(TDoS) attack that attempts to disable enterprise communications systems. This
type of attack could cripple an enterprise, such as call centers, that mainly
provide communication services.
The
other type of attack is toll fraud. Hackers attack enterprise communication
systems, such as a SIP Private Branch Exchange (PBX), to call international
information centers for illegal profits. In 2013, Melissa, the owner of a ReMax
office in America was shocked by a high phone bill, totaling close to $600,000
for calls she did not make. Hundreds of calls were made to Somalia, Guinea, and
Azerbaijan, which had no business relationship with the ReMax office.[3]
So
what can we do to resolve security issues on an enterprise communication
network?
The
Huawei Enterprise Session Border Controller (eSBC), our most advanced
enterprise communication security device, is deployed at the border of the
enterprise network to help enterprises solve two major security issues.
Huawei eSBC
|
1. Defense against various types of TDoS attacks using IDS
- The eSBC constantly analyzes user behavior in-depth, and identifies attacks and takes security measures, protecting authorized user rights and eliminating the impact of network attacks on enterprise services.
2. Prevention, attack defense, and fraud prevention, protecting enterprises against toll fraud
- Prevention: Huawei eSBC supports message proxy and topology hiding, to hide IP addresses and ports, preventing attackers from finding targets on enterprise networks.
- Attack defense: Huawei eSBC defends against brute-force cracking attacks. Attackers cannot log in to an enterprise network or commit fraud.
- Fraud prevention: Huawei eSBC supports CAC, granting user-specific call rights and preventing toll fraud caused by account leaks.
Huawei eSBC also supports the following functions to protect the enterprise services of authorized users:
- Overload protection for valid services: Huawei eSBC supports service-aware flow control, ensuring the high-priority user and emergency service success rates during peak hours.
- Bandwidth control: Huawei eSBC restricts bandwidth resources available to a user to prevent overuse of resource.
- Communication encryption: Huawei eSBC supports signaling and media encryption, securing communication content and preventing disclosure of business information caused by session hijacking.
Huawei eSBC has been globally deployed on thousands of enterprise networks in many industries, including government, finance, energy, education, transportation, and telecommunications.
Huawei
eSBC, always securing your enterprise networks.
[1]
https://en.wikipedia.org/wiki/WannaCry_ransomware_attack
[2]
http://gd.people.com.cn/n/2015/1111/c123932-27076522.html
[3]
http://www.missourinet.com/2013/05/16/remax-office-owner-hit-by-phone-fraud-600000-bill
没有评论:
发表评论